China Labels iPhone A Security Threat

State media says the iPhone's ability to collect user location data is dangerous.

China's state media on Friday criticized the Apple iPhone's location and time-stamping features, going so far as to say the device is a threat to national security. Apple began selling the iPhone through China Mobile, the country's largest mobile operator, early this year.

Chinese broadcaster CCTV ran a report showing how data stored in the "Frequent Locations" feature can be rooted out and put to nefarious uses. Ma Ding, who runs the online security institute at People’s Public Security University of China, claimed, "This is extremely sensitive data" that could be used to take a snapshot of China's economy and "even state secrets." Apple was highly criticized in China last year over its customer service and warranty policies. Apple CEO Tim Cook bowed to heavy pressure at the time and offered an official apology in April 2013. Apple didn't immediately respond to this week's broadcast by CCTV.

Apple isn't the first American company to suffer from smear campaigns run by Chinese media in recent months. Facebook, Google, and Microsoft have also come under fire for their alleged participation in NSA-backed spying schemes. Google's online services have been disrupted in China for more than a month. Further, the Chinese government has effectively banned Microsoft's Windows 8 operating system from new government machines.

China's actions follow charges filed by the US against Chinese military officers for allegedly hacking the computers of American companies. Edward Snowden's revelations about the NSA and its in-depth, world-spanning data collection practices haven't helped matters.

Before Edward Snowden spoke up about the NSA, the US put pressure on Chinese telecommunications companies Huawei and ZTE, restricting their use in US networking infrastructure. Just this week, the US claimed Chinese hackers broke into federal government computers. You can see where this is going.

(Image: iMore)

The issue at hand really has nothing to do with the iPhone. Nearly all smartphones -- including those manufactured and sold in China by Chinese companies -- collect and store location data. The same goes for tablets. China's state-run media is singling out the iPhone because it is made by an American company, not because it represents more of a threat than any other smartphone in the market. The US is just as guilty as China at playing the blame game.

If you're really worried about how your smartphone collects and stores your location data, feel free to turn off location services. Most apps individually let you control whether or not they can access location data, and the GPS radios themselves can often be turned off. According to Apple, the Frequent Locations feature called "evil" by the Chinese media keeps data "solely on your device and won't be sent to Apple without your consent. It will be used to provide you with personalized services, such as predictive traffic routing."

Here's a complete walkthrough that teaches you how to turn off your iPhone's location-storing behaviors.

In its ninth year, Interop New York (Sept. 29 to Oct. 3) is the premier event for the Northeast IT market. Strongly represented vertical industries include financial services, government, and education. Join more than 5,000 attendees to learn about IT leadership, cloud, collaboration, infrastructure, mobility, risk management and security, and SDN, and explore 125 exhibitors' offerings. Register with Discount Code MPIWK to save $200 off Total Access & Conference Passes.

Eric is a freelance writer for InformationWeek specializing in mobile technologies. View Full Bio

I don't know, at some point there has to be some personal responsibility in what you are posting on social media. If you post a picture of yourself on vacation, you are broadcasting that you are not at home, whether the photo itself is geo tagged or not. I agree that there has to be greater transparency with some of these technologies telling you what is and isn't tagged, but you can put up all the message boxes in the world warning the user and more often than not they will just click through it anyway...

Back in the 90's there was the big argument about "opt-in" vs "opt-out" that the security and technical community were in agreement that "opt-out" was riddled with privacy abuse potential. (Time proved the potential was actually real as marketing even tried to hide opt-out check boxes. And some still make it confusing on purpose.)

Now the discussion has moved to the mobile platforms. Many apps really don't need all of the permissions they require for install. The ability to granularly allow/deny these privileges at install does not currently exist. (Google, Apple, MS, Blackberry are you listening?)

The GPS & timestamping of photos also needs to be a clear option to enable/disable, as this feature has already been used in stalking and home robberies when the images have been shared on certain social media sites that did not strip the data. Consumers simply do not understand the value of their personal information and how it is used to build profiles defining patterns of behavior that is being (not just can be) exploited. So if takes China making noise to further the discussion, regardless of the actual motivation, I call it a good thing overall.

Here is a piece of conceptual IP I am making free to all vendors equally. Call it Personal Privacy Control Panel as a widget. Put the categories of all of the functionality features on the left and list on the right of who is using them with an enable/disable switch/button for each client app and a global on/off for the whole feature. (Like GPS/Service Location, GEO Tagging, Internet access, etc) Make it that simple and people will use it. If apps break because they suddenly can't show marketing ads, then it is up to the developers to write in a notice handler explaining why the app is disabled. People will either up to paid ad-free versions or at least be aware of what they are allowing access to. Tie the API for the panel into the business sandboxing scripting controls to facilitate business IT departments in meeting their requirements to secure devices with access to business resources and IP. Nice and modular. There, I put the concept and basic design out here in the public, use it and don't sue each other about it. This is too important core functionality-wise to block in any way.

The article implies that you can turn off the GPS on smartphones. You can't actually do that, allegedly because 911 services need to know where the phone is. Even if the GPS could be turned off, very accurate location data can be determined from cell-tower IDs and SSIDs from mapped WiFi hosts (and they're all mapped)

Our data shows these innovators using digital technology in two key areas: providing better products and cutting costs. Almost half of them expect to introduce a new IT-led product this year, and 46% are using technology to make business processes more efficient.

Among 688 respondents to our Mobile Application Development Survey ó up from 350 respondents in 2012 ó 46% have deployed mobile apps, with an additional 24% planning to in the next year. Whatís the holdup for that remaining 30%? Often, itís a lack of expertise.